Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Getting 403 from CloudFront WAF #69

Closed
krazkidd opened this issue Jul 29, 2024 · 2 comments · Fixed by #70
Closed

Getting 403 from CloudFront WAF #69

krazkidd opened this issue Jul 29, 2024 · 2 comments · Fixed by #70
Assignees
Labels
bug Something isn't working

Comments

@krazkidd
Copy link
Owner

krazkidd commented Jul 29, 2024

It seems the API services are hosted on CloudFront because today I am getting a 403 with a text/html response rather than the expected application/json response. CloudFront is mentioned in the response body.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<TITLE>ERROR: The request could not be satisfied</TITLE>
</HEAD><BODY>
<H1>403 ERROR</H1>
<H2>The request could not be satisfied.</H2>
<HR noshade size="1px">
Request blocked.
We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
<BR clear="all">
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
<BR clear="all">
<HR noshade size="1px">
<PRE>
Generated by cloudfront (CloudFront)
Request ID: 69qECI1MEwrGCiPCkj_oWQUbxRDNjKG2WBW0A50GNG715O7HvYwFlA==
</PRE>
<ADDRESS>
</ADDRESS>
</BODY></HTML>

Debug builds were working as of yesterday and my test REST client (Thunder Client) is not reproducing the issue. This suggests some WAF rule has identified my app for abuse and is blocking requests.

@krazkidd krazkidd added the bug Something isn't working label Jul 29, 2024
@krazkidd
Copy link
Owner Author

krazkidd commented Jul 29, 2024

I am still looking into this issue. My first reaction is that maybe we should add some kind of agent signature. That should help CloudFront distinguish from other traffic.

@krazkidd krazkidd changed the title Getting 403 from Cloudflare WAF Getting 403 from CloudFront WAF Jul 30, 2024
@krazkidd
Copy link
Owner Author

I was able to get the login working again by adding a User-Agent header, as expected. However, some other calls are still failing (e.g. GetPositions), I believe due to supplying GET request parameters as JSON rather than query params. This was working before but now these requests are getting the same 304 HTML response. A quick refactor will fix this but I'm creating a branch now.

@krazkidd krazkidd self-assigned this Jul 30, 2024
@krazkidd krazkidd linked a pull request Jul 31, 2024 that will close this issue
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant